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REMARKS 

Please reconsider the application in view of the above amendments and the following 
remarks. Applicant thanks the Examiner for carefully considering this application. 

Disposition of the Claims 

Claims 1-9, 13-25, and 28-35 are pending in the present application. Claims 1, 14, 
15, 20, 21, 23, 24, 34, and 35 are independent. The remaining claims depend, directly or indirectly, 
from claims 1, 15, 21, and 24. 

Claim Amendments 

Claims 1, 14, 15, 20, 21, 23, 24, 34, and 35 have been amended by way of this reply. 
Specifically, claims 1, 14, 15, 20, 24, and 34 have been amended to clarify that the dial-up client 
dials the remote access switch and the dial-up client is an executable that loads and executes the 
custom script dynamically linked library. Additionally, claims 1, 14, 21, 23, 24, and 35 have been 
amended to include the limitation that an instruction to the server is sent from the server side 
cryptographic function via the PKI-Bridge, and the instruction specifies whether the server should 
send an allow connection message to the remote access switch based on the result of verifying the 
reconstructed signed response string. Support for these amendments may be found in at least 
paragraphs [0042], [0047], and [0054]. No new subject matter has been added by way of these 
amendments. 

Rejections under 35 ILS.C. § 103 

Claims 1-9, 13-25, and 28-35 are rejected under 35 U.S.C. § 103(a) as being 
unpatentable over U.S. Patent No. 6,061,796 (hereinafter referred to as "Chen") in view of U.S. 
Patent No. 6,772,341 (hereinafter referred to as "Shrader") and in further view of U.S. Patent No. 
6,377,691 (hereinafter referred to as "Swift"). To the extent this rejection applies to the amended 
claims, this rejection is respectfully traversed. 
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The claimed invention, as amended, relates to a client computer and a server. A dial- 
up client executes on the client computer to dial directly a remote access switch. The dial-up client 
loads and executes a custom script dynamically linked library. The custom script dynamically 
linked library is an interface to a client side cryptographic function on the client computer. The 
client-side cryptographic function provides a response to a challenge generated by the server in 
order to authenticate the user. The server has a PKI-bridge that is the interface between the server 
and a server side cryptographic function. After receiving and verifying the response to the 
generated challenge string the server-side cryptographic function instructs the server to send a 
message to the remote access switch whether to allow or deny connection to the client computer. 
The instruction is sent from the server-side cryptographic function through the PKI-bridge to the 
server. The server then sends the message to the remote access switch. 

To establish a prima facie case of obviousness "...the prior art reference (or 
references when combined) must teach or suggest all the claim limitations" (see, MPEP § 2143.03). 
Further, "all words in a claim must be considered in judging the patentability of that claim against 
the prior art" (see, MPEP § 2143.03). The Applicant respectfully asserts that the references, when 
combined, fail to teach or suggest all the claim limitations of the amended claims. In addition, 
"during the patent examination, the pending claims must be given their broadest reasonable 
interpretation consistent with the specification" (see, MPEP § 21 1 1, emphasis added). 

Applicant respectfully asserts that Chen fails to teach or suggest a dial-up client that 
dials a remote access switch and is an executable file that loads and executes code in the custom 
script dynamically linked library. Applicant asserts that the Examiner incorrectly alleges that Chen 
teaches a dial-up client in the rejection. In order to support the rejection, the Examiner relies solely 
on a small block labeled "hardware" in the Figure 3 of Chen and the description of the hardware as 
a network or a modem connection (see, Office Action mailed May 18, 2006, p. 3). The amended 
claim makes it abundantly clear that the dial-up client is an executable file, not hardware. 
Specifically, in current Specification and the claimed invention, the dial-up client is clearly defined 
as an executable file (see, e.g., paragraph [0042] of the current specification) as opposed to the 
hardware as taught by Chen. Accordingly, because hardware can never be equivalent to an 
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executable file, Chen does not teach or suggest anything even remotely comparable to a dial-up 
client. 

Moreover, Chen does not teach or suggest a remote access switch that performs the 
functionality specified in the amended claims. Specifically, in the claimed invention of the current 
application, the dial-up client dials the remote access switch and the server can inform the remote 
access switch whether to allow or deny a connection. In contrast, in Chen, the only type of 
connection disclosed is performed through an open network (see, e.g., Chen, col. 1 11. 26-36 and 
Figure 6). As it is well known in the art, in order to gain connection and authentication to a 
protected server at the end of an open network, the client must first be authenticated to an access 
point (e.g., an internet service provider) within the open network. Only after being authenticated to 
the access point of the open network, may the client then begin authentication with the protected 
server. Chen does not disclose a single entity (e.g., the remote access switch of the claimed 
invention) that is dialed into by a client and can be informed by the server doing the verification of 
the client using cryptography whether to allow or deny a connection to the client. Thus, Chen does 
not teach or suggest using a single entity (i.e., remote access switch) as explicitly required by the 
claimed invention. 

Furthermore, Chen does not teach or suggest a PKI-Bridge that is an interface 
between the server and the server-side cryptographic function. In order to support the rejection of 
the limitation, the Examiner incorrectly asserts that the SmartGate VPN taught by Chen is 
equivalent to the PKI-Bridge recited in the claimed invention (see Office Action mailed May 18, 
2006, p. 3). However, it is clear from Chen that the SmartGate VPN is an interface between the 
server and the client, not the server and the server-side cryptographic function as required by the 
claimed invention. Specifically, in Chen, the client is sent the authorization to use the Server by the 
SmartGate VPN. In contrast, in the claimed invention, the server-side cryptographic function sends 
an instruction to the server via the PKI-Bridge. Then, the server sends the message whether to 
allow or deny connection to the remote access switch based on the instruction. Thus, the PKI- 
Bridge as recited in the claimed invention cannot be considered equivalent to a SmartGate VPN. 
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As discussed above, Chen fails to disclose all the limitations of amended independent 


claims. Further, Shrader and Swift do not teach that which Chen lacks. This is evidenced by the 
fact that Shrader is only relied upon to teach a directory server accessed by a server-side 
cryptographic function and that Swift is only relied upon to teach challenge string/response string 
encryption (see Office Action mailed May 18, 2006, p. 4). Further, there is no discussion in either 
Shrader or Swift directed to a dial-up client, a remote access switch, or a PKI-Bridge as recited in 
the amended claims. 


separately, fail to support the rejection of amended independent claims 1, 14, 15, 20, 21, 23, 24, 34, 
and 35. Dependent claims 2-9, 13, 16-19, 22, 25, and 28-33, which depend directly or indirectly 
from the aforementioned independent claims are allowable for at least the same reasons as the 
aforementioned independent claims. Withdrawal of this rejection is rejection is respectfully 
requested. 

Conclusion 

Applicant believes this reply is fully responsive to all outstanding issues and places 
this application in condition for allowance. If this belief is incorrect, or other issues arise, the 
Examiner is encouraged to contact the undersigned or his associates at the telephone number listed 
below. Please apply any charges not covered, or any credits, to Deposit Account 50-0591 
(Reference Number 09469/006001). 

Dated: August 1 8, 2006 Respectfully submitted, 


In view of the above, Chen, Shrader, and Swift, whether considered together or 
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